﻿using System.Web.Mvc;
using System.Web.Routing;
using CRM.Models;

namespace CRM.AuthorizedActionLink.Extensions
{
    /// <summary>
    /// Расширение Action
    /// </summary>
    public static class ActionExtensions
    {
        
        /// <summary>
        /// Авторизованно ли действие?
        /// </summary>
        /// <param name="htmlHelper">htmlHelper</param>
        /// <param name="actionName">Название действия</param>
        /// <param name="controllerName">Название контроллера</param>
        /// <returns>Авторизованно ли действие?</returns>
        public static bool ActionAuthorized(this HtmlHelper htmlHelper, string actionName, string controllerName)
        {
            ControllerBase controllerBase = string.IsNullOrEmpty(controllerName) ? htmlHelper.ViewContext.Controller : htmlHelper.GetControllerByName(controllerName);
            ControllerContext controllerContext = new ControllerContext(htmlHelper.ViewContext.RequestContext, controllerBase);
            ControllerDescriptor controllerDescriptor = new ReflectedControllerDescriptor(controllerContext.Controller.GetType());
            ActionDescriptor actionDescriptor = controllerDescriptor.FindAction(controllerContext, actionName);

            string userName = controllerContext.HttpContext.User.Identity.Name;

            if (actionDescriptor == null)
                return false;

            FilterInfo filters = new FilterInfo(FilterProviders.Providers.GetFilters(controllerContext, actionDescriptor));

            AuthorizationContext authorizationContext = new AuthorizationContext(controllerContext, actionDescriptor);
            foreach (IAuthorizationFilter authorizationFilter in filters.AuthorizationFilters)
            {
                authorizationFilter.OnAuthorization(authorizationContext);
                if (authorizationContext.Result != null)
                    return false;
            }

            

            return PermissionsManager.ValidatePermissions(controllerName, actionName, userName);
        
        }

        
        
        /// <summary>
        /// Отображение partial view клиента
        /// </summary>
        /// <param name="htmlHelper">HtmlHelper</param>
        /// <param name="actionName">Название действия</param>
        /// <param name="controllerName">Название контроллера</param>
        /// <param name="routeValues">Параметр клиента, должен передаваться в виде new { customerId = Model.IdCustomer }</param>
        public static void RenderAuthorizedCustomerAction(this HtmlHelper htmlHelper, string actionName, string controllerName, object routeValues)
        {
            var coll = new RouteValueDictionary(routeValues);
            var idCustomer = (int) coll["customerId"];
            bool hasAccess = PermissionsManager.ValidatePermissions(controllerName, actionName,htmlHelper.ViewContext.RequestContext.HttpContext.Request.LogonUserIdentity.Name.ToString(), idCustomer);

            if(hasAccess)
            {
                System.Web.Mvc.Html.ChildActionExtensions.RenderAction(htmlHelper,actionName,controllerName,routeValues);
            }
            else
            {
                System.Web.Mvc.Html.ChildActionExtensions.RenderAction(htmlHelper, "Empty", "Home");
            }
        }
    }
}